I am having some serious issues with an ADFS 2.0 infrastructure. To cut a very long story short, I have to re-issue a new single-label certificate for the federated service and reset their whole certificate infrastructure, including decommissioning an old SBS 2011 server. The result: everything working fine bar the Microsoft Online Relaying Claims for O365. Now I am quite happy rebuilding the ADFS 2.0 infrastructure, but is there any chance it could wipe out the links to the mailboxes which have been migrated across on their Exchange Hybrid? Monday morning is coming ever closer, and with no email solution before then I is fried.......
Any help guys would be great.
- Last Post 30 January 2017
The link is based on AD FS sending an Immutable ID claim to AAD. By default, that is the objectGUID of the AD account. As long as that hasn’t been changed, the default configuration that the cmdlets set up in your new AD FS infrastructure will work just fine.
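The link described in the reply above can be checked before a rebuild. This is an added example, not part of the original thread: it assumes the default sync configuration, where the cloud ImmutableId is the Base64 encoding of the account's objectGUID bytes. The function names and all account data are constructed for illustration.

```powershell
# Added example. Assumption: ImmutableId = Base64(objectGUID bytes), the default
# source anchor. Function names are hypothetical; all accounts are constructed.

function ConvertTo-ImmutableId {
    param([Parameter(Mandatory)][guid]$ObjectGuid)
    # Base64 of the GUID's 16-byte .NET representation
    [Convert]::ToBase64String($ObjectGuid.ToByteArray())
}

function ConvertFrom-ImmutableId {
    param([Parameter(Mandatory)][string]$ImmutableId)
    $bytes = [Convert]::FromBase64String($ImmutableId)
    if ($bytes.Length -ne 16) { throw "Not a GUID-based ImmutableId: $ImmutableId" }
    [guid]::new($bytes)
}

function Compare-SourceAnchor {
    param([object[]]$OnPrem, [object[]]$Cloud)
    $cloudByUpn = @{}
    foreach ($c in $Cloud) { $cloudByUpn[$c.Upn] = $c.ImmutableId }
    foreach ($u in $OnPrem) {
        $expected = ConvertTo-ImmutableId -ObjectGuid $u.ObjectGuid
        $actual   = $cloudByUpn[$u.Upn]
        # Base64 is case-sensitive, so compare with -ceq rather than -eq
        $status = if (-not $actual) { 'NoCloudObject' }
                  elseif ($actual -ceq $expected) { 'Match' }
                  else { 'Mismatch' }
        [pscustomobject]@{ Upn = $u.Upn; Expected = $expected; Cloud = $actual; Status = $status }
    }
}

# Constructed on-premises export (UPN + objectGUID)
$onPrem = @(
    [pscustomobject]@{ Upn = 'alice@example.com'; ObjectGuid = [guid]'11111111-2222-3333-4444-555555555555' }
    [pscustomobject]@{ Upn = 'bob@example.com';   ObjectGuid = [guid]'aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee' }
    [pscustomobject]@{ Upn = 'carol@example.com'; ObjectGuid = [guid]'01234567-89ab-cdef-0123-456789abcdef' }
)

# Constructed cloud export: alice matches, bob carries the anchor of a
# different (for example, recreated) account, carol has no cloud object.
$cloud = @(
    [pscustomobject]@{ Upn = 'alice@example.com'; ImmutableId = ConvertTo-ImmutableId -ObjectGuid '11111111-2222-3333-4444-555555555555' }
    [pscustomobject]@{ Upn = 'bob@example.com';   ImmutableId = ConvertTo-ImmutableId -ObjectGuid '99999999-8888-7777-6666-555555555555' }
)

Compare-SourceAnchor -OnPrem $onPrem -Cloud $cloud | Format-Table -AutoSize
```

Accounts reported as `Match` keep their mailbox link regardless of which AD FS farm issues the claim; `ConvertFrom-ImmutableId` turns a mismatching cloud value back into a GUID so it can be searched for in AD.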
Cheers Brian. There was something going on with the authentication side of things. I converted the domain back to standalone, so at least users have email tomorrow, and I'll go through the logs to see if I can figure out what happened.
Not sure it is relevant.
There is a new authentication method released in preview, Azure AD Pass through authentication & Single sign on with Password Hash Sync, which will eliminate the need for ADFS.
It is a good feature. We have our passwords synced in Azure AD, and we have enabled the Single Sign-On feature along with this; now it gives a pure single sign-on (based on a Kerberos ticket). And this feature is opportunistic: when Kerberos doesn’t work in a disaster scenario, it just prompts for a password...
Nice... I take it also provides a feature to restrict usage to onsite IP addresses?